mirror of
https://github.com/etesync/server
synced 2024-12-27 09:48:24 +00:00
added CSRF_TRUSTED_ORIGINS (#183)
Since some recent upgrade, I'm not able to login to the admin page of etesync (`/admin/login/`), because the CSRF check fails. After adding `CSRF_TRUSTED_ORIGINS = ['https://my-domain.com']`, it works. According to the [docs](https://docs.djangoproject.com/en/4.2/ref/settings/#csrf-trusted-origins), this setting is required in addition to `ALLOWED_HOSTS`.
This commit is contained in:
parent
2deb59e932
commit
19aba5345a
@ -164,6 +164,8 @@ if any(os.path.isfile(x) for x in config_locations):
|
|||||||
|
|
||||||
if "allowed_hosts" in config:
|
if "allowed_hosts" in config:
|
||||||
ALLOWED_HOSTS = [y for x, y in config.items("allowed_hosts")]
|
ALLOWED_HOSTS = [y for x, y in config.items("allowed_hosts")]
|
||||||
|
CSRF_TRUSTED_ORIGINS = ["https://" + y for x, y in config.items("allowed_hosts")] + \
|
||||||
|
["http://" + y for x, y in config.items("allowed_hosts")]
|
||||||
|
|
||||||
if "database" in config:
|
if "database" in config:
|
||||||
DATABASES = {"default": {x.upper(): y for x, y in config.items("database")}}
|
DATABASES = {"default": {x.upper(): y for x, y in config.items("database")}}
|
||||||
|
Loading…
Reference in New Issue
Block a user